how to install windows 10 from usb pen drive

in this video, we installed windows 10 from iso file of windows 10 in windows 10 pc, but this same method will work for installing windows 10 on windows 7 / windows 8.1 / windows 8 pc.

In this video we will see how to install windows 10 from usb pendrive. For this, you will have to first create bootable USB media from ISO for Windows 10. You will also have to create a separate partition, with at least 16 GB space, using the built-in Disk Management tool, if you plan to dual-boot it. This is one of its system requirement.

From an easy upgrade in Windows update if you reserved your copy, to the included USB stick if you go for a retail purchase, Microsoft provides plenty of options for installing Windows 10.
However, if you purchased a product key online, or simply lose your original installation media down the line and want to perform a clean install, you may want to create your own DVD drive or USB stick as a failsafe, otherwise known as a bootable disc or a boot disc or boot drive.

This could come in handy if you're trying to install on a new machine without an OS currently on board, or if something goes horribly wrong with your current install.

Thankfully, this isn't as difficult as it sounds, and we're going to give you a step-by-step guide to installing Windows 10 from your own USB stick or DVD.

Perhaps the easiest option for create a backup install drive is via USB. If you plan on going this route, you'll need a USB flash drive that is at least 4GB in size. Keep in mind that anything currently on the drive will be erased in the process, so it's advisable to backup anything you may have saved on your drive of choice and start fresh.

Alternatively, you can create a backup install disc with a DVD if your computer happens to have an optical drive on board. Either way you go, you'll need a third-party program to get the job done. We'd recommend Rufus for USB.

Finally, you'll need your Windows 10 product key at the ready as well. You should be able to locate it in your confirmation email if you purchased online, in your Windows 10 box if you purchased at retail, or somewhere on your machine if you bought a PC with Windows 10 out of the box. If you still can't find it, we'd recommend downloading and running a tool called Belarc Advisor, which can show you your product key as well.

The main file we're going to be working with here is the Windows 10 ISO . Without getting too technical, an ISO file is basically a snapshot of the Windows 10 install media as it would appear on a DVD or USB disk.


Having done this, you will have to set your computer to boot from a USB device. Please be very careful when you change the settings here, lest it make your computer un-bootable.

To do this on my pc, I have to restart it and keep pressing the F12 key to enter the Boot Options Setup.  Here you will have to change the boot order. If your device uses Secure Boot / UEFI, you will have to change it to Legacy.

Use the 4 arrow keys of your keyboard, navigate to the Boot tab and change the settings. Disable Secure Boot, enable Legacy option and set Boot List option to Legacy. Next move USB Storage Device to the first position and set it to be the first device to boot from.

Once you have done this, with your USB connected to your laptop or pc, restart the laptop pc

►  Note for Windows 10 users : If you upgrade to Windows 10, the new OS will take the product key and activation details from your earlier OS. These are then saved on Microsoft servers, along with your PC details. If you clean install Windows the first time, you may face activation problems. If you performed an upgrade the first time, activated Windows 10, and then clean installed Windows 10 on the same PC, then there will be no activation issues, as the OS will pull activation details from Microsoft servers. So, if your Windows 10 isn’t activated, we suggest you not perform a clean install the first time. First Upgrade the first time, Activate it and then Clean Install.

Read More

how to make bootable pendrive for windows from iso file

If you have an old USB drive lying around that you don't use anymore, you can turn it into an operating install disk for Windows, Linux or Mac, or turn it into a diagnostic tool for your PC. To make a USB bootable, you'll likely need to tweak and format the USB drive in a manner according to the specific operating system or purpose you have in mind.

If you are facing the problem while creating Bootable Pendrive. Here is the very easiest method to create Bootable Pendrive from iso file. We need to create bootable Pendrive of installing windows in your system without CD/DVD. You can use Pendrive for installing windows on your computer. Every day many people try to make bootable Pendrive, but not get success.

You know Why
Because on the web, everybody tells about Run command to make bootable pen drive.

Command method is very hard to create bootable Pendrive for a beginner. Every user doesn’t know, he is using command is right or wrong , some users fails to create bootable Pendrive because they properly not follow the command.

Before begin, the process makes sure you have Windows iso file and Minimum 4GB storage Pendrive. If you don’t have .iso file then take it. You can use Nero software for making .iso file from CD/DVD.

► What is Bootable Pen drive?

Bootable pen drive is a method to install windows in your system through pen drive, after doing this you can easily use your pen drive for installing the operating system.

A common use of a bootable USB flash drive is to use it to boot into Windows. Booting from removable media such as a USB drive allows you to perform diagnostics on a computer that is having trouble booting from the hard drive. You can also use the flash drive to install Windows, instead of using the Windows installation CD.

► Why is it necessary to make a CD/pendrive bootable (using a converter) before using it to install an operating system?

► Why won't simply copying OS files into CD/Pendrive won't work. We have to convert it to a bootable CD/Pendrive to successfully install an OS through it.

-For this you need to understand the boot process. Below is the boot process simplified.

1. BIOS selects the disk which is set as the first priority for boot.
2. Now, this disk's first sector should contain the MBR (Master Boot Record) which also contains a "Boot flag". If this flag is 1 then it means the device is bootable and also that MBR is valid.
3. Now MBR points to the location of bootloader (i.e. NTLDR (in WinXP), bootmgr (in WinVista/Win8/Win10), GRUB in Linux). Then this bootloader is run. This is Stage 1 Boot.
4. After this, the bootloader reads the boot configuration and lists out all the available OS in the disk. Once, selected it loads the OS components (kernel, memory manager, cache managers etc.) and proceeds further till user login. This is Stage 2 Boot.
5. If BIOS is unable to find a valid MBR in first boot device it proceeds further to next device.

If we simply copy all the OS files into a USB/CD we are ready for Stage 2 boot but we haven't placed the MBR. That's why we need special tools to place this MBR so that BIOS recognizes the USB/CD as a bootable device and starts Stage 1 boot.

in this video i used RUFUS to make bootable pendrive. you can download RUFUS from https://rufus.akeo.ie/

overview of Rufus

- System Requirements:

Windows XP or later, 32 or 64 bit doesn't matter. Once downloaded, the application is ready to use.

- Notes on DOS support:

If you create a DOS bootable drive and use a non-US keyboard, Rufus will attempt to select a keyboard layout according to the locale of your system. In that case, FreeDOS, which is the default selection, is recommended over MS-DOS, as it supports more keyboard layouts.

- Notes on ISO Support:

All versions of Rufus since v1.1.0 allow the creation of a bootable USB from an ISO image (.iso).

Creating an ISO image from a physical disc or from a set of files is very easy to do however, through the use of a CD burning application, such as the freely available CDBurnerXP or ImgBurn.

- Notes on UEFI & GPT support:

Since version 1.3.2, Rufus support UEFI as well as GPT for installation media, meaning that it will allow you to install Windows 7, Windows 8 or Linux in full EFI mode.
However, Windows Vista or later is required for full UEFI/GPT support. Because of OS limitations, Windows XP restricts the creation of UEFI bootable drives to MBR mode.

Read More

Beware! Dozens of Linksys Wi-Fi Router Models Vulnerable to Multiple Flaws

Bad news for consumers with Linksys routers: Cybersecurity researchers have disclosed the existence of nearly a dozen of unpatched security flaws in Linksys routers, affecting 25 different Linksys Smart Wi-Fi Routers models widely used today.

IOActive's senior security consultant Tao Sauvage and independent security researcher Antide Petit published a blog post on Wednesday, revealing that they discovered 10 bugs late last year in 25 different Linksys router models.

Out of 10 security issues (ranging from moderate to critical), six can be exploited remotely by unauthenticated attackers.

According to the researchers, when exploited, the flaws could allow an attacker to overload the router, force a reboot by creating DoS conditions, deny legitimate user access, leak sensitive data, change restricted settings and even plant backdoors.

Many of the active Linksys devices exposed on the internet scanned by Shodan were using default credentials, making them susceptible to the takeover.

Researchers found more than 7,000 devices impacted by the security flaws at the time of the scan, though this does not include routers protected by firewalls or other network protections.

"We performed a mass-scan of the ~7,000 devices to identify the affected models," IOActive says. "We found that 11% of the ~7000 exposed devices were using default credentials and therefore could be rooted by attackers."

IOActive made Linksys aware of the issues in January this year and is working "closely and cooperatively" with the company ever since to validate and address the vulnerabilities.

Here's How critical are these Flaws:

The researchers did not reveal more details about the vulnerabilities until the patch is made available to users, although they said two of the flaws could be used for denial-of-service attacks on routers, making them unresponsive or reboot by sending fraudulent requests to a specific API.

Other flaws could allow attackers to bypass CGI scripts to collect sensitive data such as firmware versions, Linux kernel versions, running processes, connected USB devices, Wi-Fi WPS pins, firewall configurations, FTP settings, and SMB server settings.

CGI, or Common Gateway Interface, is a standard protocol which tells the web server how to pass data to and from an application.

Researchers also warned that attackers those have managed to gain authentication on the devices can inject and execute malicious code on the device's operating system with root privileges.

With these capabilities in hands, attackers can create backdoor accounts for persistent access that are even invisible in the router smart management console and so to legitimate administrators.

However, researchers did not find an authentication bypass that can allow an attacker to exploit this flaw.

List of Vulnerable Linksys Router Models:

Here's the list of Linksys router models affected by the flaws:

EA2700, EA2750, EA3500, EA4500v3, EA6100, EA6200, EA6300, EA6350v2, EA6350v3, EA6400, EA6500, EA6700, EA6900, EA7300, EA7400, EA7500, EA8300, EA8500, EA9200, EA9400, EA9500, WRT1200AC, WRT1900AC, WRT1900ACS, and WRT3200ACM.

The majority of the exposed devices (nearly 69%) are located in in the United States, and others are spotted in countries including Canada (almost 10%), Hong Kong (nearly 1.8%), Chile (~1.5%), and the Netherlands (~1.4%).

A small percentage of vulnerable Linksys routers have also been spotted in Argentina, Russia, Sweden, Norway, China, India, UK, and Australia.

Here's How you can Mitigate Attacks originating from these Flaws:

As temporary mitigation, Linksys recommended its customers to disable the Guest Network feature on any of its affected products to avoid any attempts at the malicious activity.

The company also advised customers to change the password in the default account in order to protect themselves until a new firmware update is made available to patch the problems.

Linksys is working to release patches for reported vulnerabilities with next firmware update for all affected devices. So users with Smart Wi-Fi devices should turn ON the automatically update feature to get the latest firmware as soon as the new versions arrive.  

Read More

This Phishing Attack is Almost Impossible to Detect On Chrome, Firefox and Opera

A Chinese infosec researcher has discovered a new "almost impossible to detect" phishing attack that can be used to trick even the most careful users on the Internet.

He warned, Hackers can use a known vulnerability in the Chrome, Firefox and Opera web browsers to display their fake domain names as the websites of legitimate services, like Apple, Google, or Amazon to steal login or financial credentials and other sensitive information from users.

What is the best defence against phishing attack? Generally, checking the address bar after the page has loaded and if it is being served over a valid HTTPS connection. Right?

Okay, then before going to the in-depth details, first have a look at this demo web page (note: you may experience downtime due to high traffic on demo server), set up by Chinese security researcher Xudong Zheng, who discovered the attack.

“It becomes impossible to identify the site as fraudulent without carefully inspecting the site's URL or SSL certificate.” Xudong Zheng said in a blog post.

If your web browser is displaying "apple.com" in the address bar secured with SSL, but the content on the page is coming from another server (as shown in the above picture), then your browser is vulnerable to the homograph attack.

There is another proof-of-concept website created by security experts from Wordfence to demonstrate this browsers' vulnerability. It spoof "epic.com" domain.

Homograph attack has been known since 2001, but browser vendors have struggled to fix the problem. It’s a kind of spoofing attack where a website address looks legitimate but is not because a character or characters have been replaced deceptively with Unicode characters.

Many Unicode characters, which represents alphabets like Greek, Cyrillic, and Armenian in internationalised domain names, look the same as Latin letters to the casual eye but are treated differently by computers with the completely different web address.

For example, Cyrillic "а" (U+0430) and Latin "a" (U+0041) both are treated different by browsers but are displayed "a" in the browser address.

Punycode Phishing Attacks

 

 

By default, many web browsers use ‘Punycode’ encoding to represent Unicode characters in the URL to defend against Homograph phishing attacks. Punycode is a special encoding used by the web browser to convert Unicode characters to the limited character set of ASCII (A-Z, 0-9), supported by International Domain Names (IDNs) system.

For example, the Chinese domain "短.co" is represented in Punycode as "xn--s7y.co".

According to Zheng, the vulnerability relies on the fact that web browsers render only Punycode URLs in one language as Unicode (like only Chinese or only Japanese), but they fail if a domain name contains characters from multiple languages.

This loophole allowed the researcher to register a domain name xn--80ak6aa92e.com and bypass protection, which appears as “apple.com” by all vulnerable web browsers, including Chrome, Firefox, and Opera, though Internet Explorer, Microsoft Edge, Apple Safari, Brave, and Vivaldi are not vulnerable.

Here, xn-- prefix is known as an ‘ASCII compatible encoding’ prefix, which indicates web browser that the domain uses ‘punycode’ encoding to represent Unicode characters, and Because Zheng uses the Cyrillic "а" (U+0430) rather than the ASCII "a" (U+0041), the defence approach implemented by web browser fails.

Zheng has reported this issue to the affected browser vendors, including Google and Mozilla in January.

 While Mozilla is currently still discussing a fix, Google has already patched the vulnerability in its experimental Chrome Canary 59 and will come up with a permanent fix with the release of Chrome Stable 58, set to be launched later this month.

Meanwhile, millions of Internet users who are at risk of this sophisticated hard-to-detect phishing attack are recommended to disable Punycode support in their web browsers in order to temporarily mitigate this attack and identify such phishing domains.

Mitigation For Firefox Users (Not FIX For Chrome)

Firefox uses can follow below-mentioned steps to manually apply temporarily mitigation:

1. Type about:config in address bar and press enter.
2. Type Punycode in the search bar.
3. Browser settings will show parameter titled: network.IDN_show_punycode, double-click or right-click and select Toggle to change the value from false to true.

Unfortunately, there is no similar setting available in Chrome or Opera to disable Punycode URL conversions manually, so Chrome users have to wait for next few weeks to get patched Stable 58 release.

Internet users are always advised to manually type website URLs in the address bar for important sites like Gmail, Facebook, Twitter,  Yahoo or banking websites, instead of clicking any link mentioned on some website or email, to prevent against such undetectable attacks.

Read More

how to download windows 10 for free full version

in this video, i used windows 10 o.s. , but this same method will work for download windows 10 for free full version on windows 8 / windows 7 / windows 8.1



Let's free download Windows 10 (32/64 bit) full version for experiencing amazing new features of this best Microsoft Windows system ever.

Microsoft Windows 10 full version was released on July 29, 2015 from when you can purchase Windows 10 or free upgrade from Windows 7 or Windows 8.1 for PC and tablet. Along with this good news, another concerned question appears. Can we free download Windows 10 full version? Where and how to download Windows 10 full version?

Notice: 1 year free upgrade from Windows 7/8 to Windows 10 expired on July 29, 2016

How to Free Download Windows 10 Full Version :

get media creation tool to download windows 10 from https://www.microsoft.com/en-in/software-download/windows10

Windows 7/8.1 users were granted a free upgrade with reserving free copy of Windows 10 full version before July 29, 2016
 while the other Windows users or Mac/Linux users who want to swift to Windows are more likely to free download Windows 10 full version ISO online.

First of all, you can read reviews of Windows 10 to learn performance, features and more about this new system to determine whether to download or not. If yes, you must have brief knowledge of system requirements for Windows 10 full version free download.
• Processor: 1 GHz or faster processor or SoC
• RAM: 1 GB for 32-bit or 2 GB for 64-bit
• Space: 16 GB hard disk free for 32-bit OS 20 GB for 64-bit OS
• Graphics card: DirectX 9 or later with WDDM 1.0 driver
• Display: 800x600
Make sure that your devices are totally compatible with Windows 10 and follow the guides to free download Windows 10 full version as shown in above video.

• my overview about feature of windows 10:

Windows 10 is so familiar and easy to use, you'll feel like an expert. The Start Menu is back in an expanded form, plus it'll bring over your pinned apps and favorites so they're ready and waiting for you.

It starts up and resumes fast, has more built-in security to help keep you safe, and is designed to work with software and hardware you already have.

The web that works the way you do.

Windows 10 comes with Microsoft Edge, an all-new browser that's built to give you a better web experience. Write or type notes directly on webpages and share them with others, read online articles free of distraction, and save your favorite reads for later access. And with Cortana enabled, you get instant access to key actions--like making reservations or reading reviews--without leaving the page you're on.

Meet Cortana, your truly personal digital assistant.

Cortana works across your day and your devices to help you get things done. By learning more over time, Cortana becomes more personal and useful to you. Cortana's also best at reminders, delivering them at the right time and place so you forget less and can do more.

Multi-doing helps you get to "done" faster.

Easily snap up to four apps in place and see all open tasks in a single view. You can even create virtual desktops when you need more space or want to group things by project.

Windows Store is your one-stop shop.

Introducing the new Windows Store, a unified shopping experience across every Windows 10 device. Browse the store on your PC, tablet, or phone and easily purchase great digital content including apps, games, music, movies and TV shows.

Xbox is coming to Windows.

Get the biggest Xbox franchises with the best of Xbox Live. Start recording gameplay in seconds, compete against console players, and stream games from your Xbox One console to your Windows 10 device from anywhere in your home.

Read More

Latest Hacking Tools Leak Indicates NSA Was Targeting SWIFT Banking Network

The Shadow Brokers – a hackers group that claimed to have stolen a bunch of hacking tools from the NSA – released today more alleged hacking tools and exploits that target earlier versions of Windows operating system, along with evidence that the Intelligence agency also targeted the SWIFT banking system of several banks around the world.

Last week, the hacking group released the password for an encrypted cache of Unix exploits, including a remote root zero-day exploit for Solaris OS, and the TOAST framework the group put on auction last summer.

The hacking tools belonged to "Equation Group" – an elite cyber attack unit linked to the National Security Agency (NSA).

Now, the Shadow Brokers group just published a new 117.9 MB of encrypted archive via its new blog post, titled "Lost in Translation," which can be unlocked by anyone using password "Reeeeeeeeeeeeeee."

Someone has already uploaded the unlocked archive on GitHub and listed all the files contained in the dump released by the Shadow Brokers, which includes 23 new hacking tools.

These hacking tools have been named as OddJob, EasyBee, EternalRomance, FuzzBunch, EducatedScholar, EskimoRoll, EclipsedWing, EsteemAudit, EnglishMansDentist, MofConfig, ErraticGopher, EmphasisMine, EmeraldThread, EternalSynergy, EwokFrenzy, ZippyBeer, ExplodingCan, DoublePulsar, and others.

Security researchers have started delving into the dump to determine the capabilities of the alleged exploits, implants and payloads that are claimed to work against Windows platforms.

NSA DUMP: Windows, Swift, and OddJob

The latest dump comprises of 3 folders: Windows, Swift, and OddJob.

"So this week is being about money. TheShadowBrokers showing you cards theshadowbrokers wanting you to be seeing. Sometime peoples not being target audience. Follow the links for new dumps. Windows. Swift. Oddjob," the Shadow Brokers latest blog post reads.

The Windows folder holds many hacking tools against Windows operating system, but works against only older version of Windows (Windows XP) and Server 2003, according to researchers.

“ETERNALBLUE is a #0day RCE exploit that affects latest & updated Windows 2008 R2 SERVER VIA SMB and NBT!” tweeted the security researcher known as Hacker Fantastic on Twitter.

Another folder, named OddJob, contains a Windows-based implant and includes alleged configuration files and payloads. While the details on this implant are scarce at the moment, OddJob works on Windows Server 2003 Enterprise up to Windows XP Professional.

 

Some of the Windows exploits were even undetectable on online file scanning service VirusTotal, Security Architect Kevin Beaumont confirmed via Twitter, which indicates that the tools have not been seen before.

"A lot of good remote exploits in the #EquationGroup tools. Just a few well-designed 0days is enough to pwn the planet," tweeted another security researcher, who uses Twitter handle x0rz.

The SWIFT folder contains PowerPoint presentations, evidence, credentials and internal architecture of EastNets, one of the largest SWIFT Service Bureau in the Middle East.

  

SWIFT (Society for Worldwide Interbank Telecommunication) is a global financial messaging system that thousands of banks and organizations across the world use to transfer billions of dollars every day.

"A SWIFT Service Bureau is the kind of the equivalent of the Cloud for Banks when it comes to their SWIFT transactions and messages; the banks' transactions are hosted and managed by the SWIFT Service Bureau via an Oracle Database and the SWIFT Softwares," security researcher Matt Suiche explains in a blog post.

The folder includes SQL scripts that search for information from the Oracle Database like the list of database users and the SWIFT message queries.

  

Besides this, the folder also contains Excel files that indicate that the NSA's elite cyber attack unit Equation Group had hacked and gained access to many banks around the world, the majority of which are located in the Middle East like UAE, Kuwait, Qatar, Palestine, and Yemen.

"SWIFT Host of Palestinian Bank was running Windows 2008 R2 vulnerable to exploit framework FUZZBUNCH." Matt tweeted.

More key findings will come as soon as other security researchers delve into the latest dump.

This release is the latest from the Shadow Brokers desk and at the moment, it's not confirmed whether the hacking group holds more NSA hacking tools and exploits or this one is the last batch it stole from the United States intelligence organization.

UPDATE: EastNets Denies SWIFT Hacking Claims

In an official statement published today, EastNets denies that its SWIFT bureau was compromised, and says the reports of hack are "totally false and unfounded."

"The reports of an alleged hacker-compromised EastNets Service Bureau (ENSB) network is totally false and unfounded. The EastNets Network internal Security Unit has run a complete check of its servers and found no hacker compromise or any vulnerabilities."

"The EastNets Service Bureau runs on a separate secure network that cannot be accessed over the public networks. The photos shown on twitter, claiming compromised information, is about pages that are outdated and obsolete, generated on a low-level internal server that is retired since 2013." 

Read More

how to scan qr code and barcode in android mobile phone 2017

how to scan qr code and barcode in android... by pctricksandcybersecuritytest

QR codes are everywhere: these little pixelated squares appear on billboards and bus shelters, in magazine ads and on product packaging. Unlocking their contents can share contact info or Wi-Fi passwords, or take you to the website for a film you’ve just seen the poster for. So how do you use them? Here’s how to scan QR codes with an Android phone.

If you want to start scanning codes with your smartphone and you are looking for best qr code reader for android and best android barcode scanner, then you've come to the right place. Here i will explain how to scan QR and barcodes with your Android smartphone.

What are QR codes?

QR is an acronym for Quick Response. It’s a smarter version of the ubiquitous barcode, and it was originally developed in Japan for the automotive industry. Machines can read QR codes more quickly than barcodes, and QR codes can store more data in less space too.

If QR codes had stayed inside factories we probably wouldn’t care, but they’re used for all kinds of things now: coffee shop loyalty programs, e-tickets for sports and concerts, 'find out more' links on adverts or packaging, and sharing contact information.

For most of us, the main reason to use QR codes is to obtain a web link to find out more information about something or to get a password for a wireless network: scan the code and the information should appear in your web browser or connect you to the network. But how do you scan it? All you need is the right app.


QR Codes were invented by Denso Wave in 1994. At first, they were used to track vehicle parts during the manufacturing process. Now, QR Codes are a popular marketing tool, allowing users to quickly access websites and other media. A QR Code can contain such things as text, a URL, an SMS or a phone number. This video guide will show you how to read them.


QR codes are used for storing alphanumerical data, thus they are a good way of sharing information, like a website or product information on a small square. Obviously, your Android smartphone or tablet can easily be turned into a QR code reader with the appropriate application. i have identified best QR code-reading app in this video.

- Barcode Scanner

it is qr code and barcode scanner app for android

qr code scan & barcode scanner free download from  https://play.google.com/store/apps/details?id=com.google.zxing.client.android

This aptly named app from the ZXing Team is a veteran of its kind, as it is one of the most well-known barcode reading apps. It does exactly what its name suggests: scans barcodes. It supports many types of 1D and 2D barcodes and has quite a lot of settings to be configured. It can automatically open recognized web addresses, stores a history of scanned codes, can use the device’s LED light to help read codes, can scan inverted (white on black) codes and can even scan many barcodes continuously with the help of the bulk scan mode.

- overview of free barcode scanner app

this barcode scanner software can Scan barcodes on products, or Data Matrix and QR Codes containing URLs, contact info, etc

it is best qr code reader app and best android barcode scanner app in my opinion

with this app, you can Scan barcodes on products, or Data Matrix and QR Codes containing URLs, contact info, etc.

- Are there any risks to scanning QR codes?
Actually, yes. A scam known as 'attagging' involves pasting new QR codes over existing ones, for example by pasting a label over the QR code on a poster. The new code could link to malicious software that might then access your camera or your personal data. In Russia, a QR code scam made phones send premium-rate texts at US$6 per text. Such malware is very, very unusual, but it does exist and has done for several years.

- Conclusion

QR codes might not have become the groundbreaking thing they were hoped to be, but they are still found everywhere and can be useful. Of course they’re not worth much without a scanner, but that’s where your smart Android device comes into play. There is an incredible number of barcode reading applications available on the Google Play store and most of qr code reader app have the same features. In this video i tried to share application that are at least a bit unique, offer useful extra features, or at least they are very fast and can scan codes in a snap.

Read More

Microsoft Finally Reveals What Data Windows 10 Collects From Your PC

Since the launch of Windows 10, there has been widespread concern about its data collection practices, mostly because Microsoft has been very secretive about the telemetry data it collects.

Now, this is going to be changed, as Microsoft wants to be more transparent on its diagnostics data collection practices.

Till now there are three options (Basic, Enhanced, Full) for Windows 10 users to select from under its diagnostics data collection section, with no option for users to opt out of sending their data to Microsoft.

Also, the company has never said precisely what data it collects behind these options, which raised huge privacy concerns among privacy-conscious users.

But now for the first time, Microsoft has revealed what data Windows 10 is collecting from your computer with the release of the Windows 10 Creators Update, bringing an end to nearly two years of its mysterious data collection practices.

The Windows 10 Creators Update, which will be available from April 11 for users to download for free, comes with a revamped Privacy settings section.

During the process of upgrading to the Creators Update, you will be displayed a new Privacy Settings screen that will ask you to toggle the following features:

• Location – Allow Windows and apps to request your location and share that data with Microsoft.
• Speech Recognition – Allow Cortana and Windows Store apps to recognize your voice and send that data to Microsoft to improve speech recognition.
• Tailored experiences with diagnostic data – Allow Microsoft to use diagnostic data from your computer to offer tips and recommendations.
• Relevant ads – Allow apps to use advertising IDs to show ads more interesting to you based on your app usage.

What's more? On Wednesday, Microsoft published a massive list of diagnostics data – both the Basic and Full levels of diagnostics – on its TechNet site, showing what data gets collected.

• Basic – The Basic level collects a limited set of data that is critical for understanding the device and its configuration. This data includes basic device information, quality-related information, app compatibility, and Windows Store.
• Full – The Full level collects data for the following nine categories: common data; software setup and inventory data; product and service usage data; browsing, search and query data; content consumption data; linking, typing, and speech utterance data; and licensing and purchase data.

Windows chief Terry Myerson said in a blog post published Wednesday that Microsoft hoped the transparency would allow users to make "more informed choices" as the company starts rolling out its new Creators update to the operating system.

This more transparency in gathering diagnostic data after two years of the Windows 10 release is likely Microsoft's response to European Union regulators that's publicly pressuring the company about its privacy practices for the past year.

In February, European Union regulators said they're still unsatisfied with the privacy changes announced by Microsoft and seeking further clarification from the company.

Marisa Rogers, the privacy officer of the Microsoft's Windows and Devices Group, said that the company is planning to "share more information about how [it] will ensure Windows 10 is compliant with the European Union's General Data Protection Regulation."

Read More

U.S. Trade Group Hacked by Chinese Hackers ahead of Trump-Xi Trade Summit

Researchers have uncovered a Chinese cyber-espionage against the United States ahead of the trade summit on Thursday between US President Donald Trump and China's President Xi Jinping.

According to a new report published today by Fidelis Cybersecurity firm, the Chinese APT10 hacking group implanted a piece of malware on the "Events" page of the US National Foreign Trade Council (NFTC) website in February.

Dubbed 'Operation TradeSecret,' the attack against the NFTC site is seen as an attempt to conduct surveillance on the main industry players and lobbyists closely associated with U.S trade policy activities.

Researchers say hackers placed a malicious link on the NFTC website, inviting the organization's board of directors to register for a meeting in Washington DC on March 7. But clicking on the link deployed a spying tool called "Scanbox."

Dates back to 2014, Scanbox – previously used by nation-state threat actors associated with the Chinese government – has the ability to record the type and versions of software a victim is running and run keyloggers on compromised computers, said Fidelis researcher John Bambenek.

"This attack was really at its core a reconnaissance attack. Anyone who visited this calendar entry would expose their software versions and use a JavaScript keylogger that could expose their identity," said Bambenek.

"Traditionally these attacks are used to precisely identify targets and help them craft targeted phishing attacks using exploits they know the victim is vulnerable to."

The malicious link was active on the NFTC website between February 27 and March 1. The malware was already removed from the site by the time Fidelis contacted NFTC.

The NFTC's staff and board represent many influential people and companies -- from President Rufus Yerxa, the U.S. Ambassador to GATT to executives from major companies including Google, Amazon, eBay, IBM, Coca-Cola, Microsoft, Oracle, Cisco, KPMG, Pfizer, Visa, Ford, Halliburton, and Walmart.

Although Fidelis detected no further attacks on NFTC board members, the security firm believed the hackers were after a full range of entities relevant to the trade negotiations due to take place Thursday between US and China.

This is the second time in a week when APT10 cyber espionage campaign has come to light. A report released this week by BAE Systems, and PwC also claimed that APT10 was targeting managed IT services providers (MSPs) and their customers across the globe to steal sensitive data.

Read More

Android Beats Windows to Become World's Most Popular Operating System

It's an impressive milestone for Google — For the first time in decades, Android has been crowned as the world's most popular operating system in terms of Internet usage, knocking Microsoft Windows off the top spot.

According to a new report from web traffic analytics firm StatCounter, Google's Android is the most popular operating system worldwide in terms of total internet usage across desktop, laptop, tablet, and mobile combined.

Looking at overall internet usage, Android represented 37.93 percent of the global OS Internet usage market share in March, while Windows accounted for 37.91 percent.

Although Windows is still not far behind, Android taking the lead is being described by StatCounter CEO Aodhan Cullen as a "milestone in technology history."

This achievement is due to the fact that mobile devices are used to connect to the Internet far more frequently than desktops and laptops, and people are spending more time on smartphones surfing the Internet than on desktops.

The report showed that Windows is still holding a 39.5 percent of the Internet usage market share against Android's 25.7 percent in North America, and 51.7 percent against 29.2 percent in Europe.

Android leads in Asia with a vast majority of internet usage in countries including India (79 %), Indonesia (72 %) and China (57 %).

However, one should keep it in mind that Windows still accounts for 84 percent of the worldwide desktop operating system market in March.

"Windows won the desktop war, but the battlefield moved on," Cullen noted. "It will be difficult for Microsoft to make inroads in mobile, but the next paradigm shift might give it the opportunity to regain dominance. That could be in Augmented Reality, AI, Voice or Continuum."

Statcounter collects its data with the help of tracking codes installed on websites that record page views.

The latest Statcounter's findings are based on 2.5 million websites that the firm claims generate over 15 billion monthly page views. The chart also highlights the internet usage of Apple’s operating system as well.

During March 2017, the users of Apple's mobile operating system (iOS) were three times more active on the internet than users of Apple's desktop operating system (Mac OS X).

Read More

Kaspersky Total Security (2017) Review & Rating

Kaspersky Total Security review

does kaspersky total security protect against malware?
does kaspersky remove malware?
if you have this kind of question then you will get answer in above video.

Kaspersky Lab makes some of the best antivirus products out there, offering thorough protection against all malware that threatens a PC. All three of its Windows programs — Kaspersky Anti-Virus, Kaspersky Internet Security and Kaspersky Total Security — share the same excellent malware-scanning engine and intuitive user interface, and have the same moderate performance impact upon a computer.

Your choice of which software to buy, if any, depends on needs and budget. If you have young kids at home, you'll want the parental controls offered by Kaspersky Internet Security. If you don't already have a password manager or backup software, you may want to consider Kaspersky Total Security. If you have only a single machine to protect, Kaspersky Anti-Virus may be for you.

All three products work with Windows XP through Windows 10. The premium Android software included with Internet Security and Total Security support Android 4.0 Ice Cream Sandwich and up. The Mac application requires OS X 10.9 Mavericks and later; its features generally line up with those of Kaspersky Internet Security.

►Antivirus Protection

Kaspersky Anti-Virus, Internet Security and Total Security use the same scanning engine to root out malware. The engine combines traditional signature-matching of known malware with continuous heuristic monitoring of the system for behavior and suspicious code that may indicate an infection. If new malware is found on your system, a copy is automatically uploaded to Kaspersky's research lab for analysis, and a signature is then distributed to the company's 400 million users. Collection of new malware is anonymous and you can opt out of it at any time.

All three Kaspersky let you start scans in two clicks from the home page. Full Scan inspects everything that can be infected on the hard drive, while Quick Scan examines only the most susceptible files.

►Extra features

Kaspersky Total Security is a fully-featured software package with a large array of extra tools to justify the subscription costs. Kaspersky has spent a great deal of the last year building its brand around protecting families, and if you buy Total Security you'll also get a licence for Safe Kids, Kaspersky's separate parental controls application.

Total Security itself, there are some simple parental control settings, including an adult website filter, adult software filter and settings that let you limit how long your child can browse on weekdays and weekends.

Away from parental controls, there are some useful diagnostic tools for keeping an eye on your PC. A Task Manager-like interface shows you CPU and RAM usage, while the network monitor provides a slightly more user-friendly view of your bandwidth usage totals than Windows' own Resources Manager. There's also a file shredder and a tool for creating a bootable rescue disk, which can scan your PC for malware before Windows boots, bypassing the craftiest malware that that hides itself or disables your anti-virus protection when Windows has booted.

Remote management is also included, although it's not particularly useful unless you have an Android device. The web-based interface lets you run scans and enable features on your Windows PC or laptop, but it doesn't extend further than that. If you install the Android app (see box) you can wipe your device remotely, take a snapshot with the front-facing camera, and sound an alarm if you think you might just have lost it down the back of sofa cushion.

in my Kaspersky 2017 Review
Kaspersky Total Security is the only security package on test here that was able to achieve both perfect Protection and Legitimate Software score. That in itself is impressive,although with such stiff competition and such a high standard in this round of testing,there are fewer places to hide than usual. Kaspersky's software has small system footprint and is reasonably priced, too, and included smartphone anti-theft tools are very good indeed. If you use all the tools provided,it's very good value.

►Pros

-Security Network pools intelligence, good range of tools, low price
-Kaspersky includes a virtual keyboard to protect against keyloggers.

►Cons

-Slow to show interface, no explicit anti-ransomware module, cannot resize interface.

►Verdict 

-Easy installation,backing of a global community, and privacy tools make Kaspersky Total Security 2017 a good choice for startups as well as home users
-Kaspersky Internet Security offers protection against malware threats without draining computer of its valuable resources.

Read More